The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:
Cuculus GmbH
Lindenstraße 9–11
98693 Ilmenau
Germany
Phone: +49 3677 686 000 0
Fax: +49 3677 686 000 9
Email: office@cuculus.net
The data protection officer for the data controller is:
ad hoc datenschutz GmbH
Im Bresselsholze 12
07819 Triptis
Germany
Contact:
Phone: +49 365 52786230
Fax: +49 365 52786259
Email: kontakt@adhoc-datenschutz.de
In accordance with Article 13 GDPR, we inform you of the legal bases for our data processing. If a specific legal basis is not explicitly stated in a particular privacy notice, the following applies:
We adhere to the principles of data minimization under Article 5(1)(c) GDPR and storage limitation under Article 5(1)(e) GDPR. We store your personal data only as long as necessary for the purposes stated here or as required by law. Once the relevant purpose no longer applies or statutory retention periods have expired, we will delete the respective data promptly.
This website may contain links to third-party websites or to other websites under our responsibility. If you follow a link to an external site, please note that these websites have their own privacy policies. We assume no responsibility or liability for these external websites or their privacy practices. Please review those privacy policies before using such sites.
External links are typically indicated by a different color or underline. When you hover over such a link, your cursor will change accordingly. Your personal data (e.g., IP address, timestamp, referring page) will only be transmitted to the linked website once you click the link. Please refer to the respective provider’s privacy notice for further details.
Also note that some links may lead to data transfers outside the European Economic Area, potentially allowing foreign authorities to access your data. You may not have legal recourse against such access. If you do not wish your data to be transferred or potentially accessed by foreign authorities, please refrain from clicking such links.
As a data subject under the GDPR, you have the following rights:
Some data processing operations are only permitted with your explicit consent. You may withdraw your consent at any time. The lawfulness of processing up to the point of withdrawal remains unaffected.
If processing is based on Article 6(1)(e) or (f) GDPR, you may object at any time on grounds relating to your particular situation. This also applies to profiling based on those provisions (Art. 4 No. 4 GDPR).
If we cannot demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is not for the establishment, exercise, or defense of legal claims, we will cease processing your data after an objection.
If your data is processed for direct marketing purposes, you also have the right to object at any time. This includes profiling related to direct marketing. In such cases, we will no longer process your personal data.
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in your place of residence, workplace, or the location of the alleged violation. This right exists regardless of other legal remedies.
If your data is processed based on consent or a contract and by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. You also have the right to request that this data be transmitted to another controller, where technically feasible.
You have the right to obtain information about the personal data we process, including the purposes, categories, recipients, and storage periods. If you have questions about this or any other matter concerning your personal data, feel free to contact us using the details provided in the legal notice.
You may request the restriction of processing of your personal data under the following conditions:
If processing is restricted, your personal data – apart from storage – will only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or a Member State.
Our website is hosted by:
Mittwald CM Service GmbH & Co. KG
Königsberger Str. 4–6
32339 Espelkamp
Germany
When you visit our website, we automatically collect and store information in so-called server log files. This information is automatically transmitted by your browser to our server or the server of our hosting provider.
This includes:
This data is not merged with other data sources.
Instead of operating this website on our own servers, we may use the servers of an external service provider (hosting company). In that case, the personal data collected via this website is stored on the servers of the hosting company. In addition to the data listed above, the hosting provider may store data such as contact inquiries, contact details, names, website access data, metadata and communication data, contract data, and other data generated via the website.
The legal basis for processing this data is Art. 6(1)(f) GDPR. Our legitimate interest lies in the technically error-free and optimized presentation of this website. If the website is accessed to initiate or fulfill a contract with us, Art. 6(1)(b) GDPR serves as an additional legal basis. If we have commissioned a hosting company, a data processing agreement has been concluded with the service provider.
Our website uses local storage items, session storage items, and/or cookies.
Local Storage is a mechanism that allows data to be stored directly in the browser on your device. This typically stores user preferences (e.g. dark or light mode), and this data remains stored until manually deleted. Session Storage is similar but only persists during the current session—once the browser tab is closed, the data is deleted.
Cookies are small pieces of data placed on your device by a web server to identify that device. They can be temporary (session cookies, deleted after your visit) or persistent (remain stored until manually or automatically deleted by your browser).
These objects may also be placed on your device by third-party providers when you access our website (third-party requests). This enables us—and you as a user—to utilize external services integrated into the site, such as video display or payment processing.
These technologies serve various purposes: they can improve the functionality of the website, manage shopping carts, enhance security and usability, and enable analytics of visitor behavior. Their legal classification depends on their function. If required for the operation of the site or specific features (e.g. shopping cart), or for optimization (e.g. visitor analytics), they are used based on Art. 6(1)(f) GDPR. As website operators, we have a legitimate interest in storing these items to ensure the smooth and optimized delivery of our services.
In all other cases, the use of Local Storage, Session Storage, and cookies only takes place with your express consent in accordance with Art. 6(1)(a) GDPR.
If we use third-party services or analytics tools that store such data, you will be informed in this privacy policy and your consent will be requested and can be revoked at any time.
We use external services on our website. These are third-party services integrated for various purposes, such as embedding videos or enhancing site security. When such services are used, personal data may be transmitted to the respective providers.
Where no overriding legitimate interest exists, we obtain your consent before using such services in accordance with Art. 6(1)(a) GDPR, which can be withdrawn at any time.
To comply with data protection requirements, we use a consent management tool on our website. This tool allows us to collect and document user consent for cookies or the use of external services.
The processing is necessary to fulfill a legal obligation to which the website operator is subject. Therefore, the legal basis for this processing is Art. 6(1)(c) GDPR.
We use the service CookieYes on our website. The provider is:
CookieYes
3 Warren Yard, Milton Keynes,
Milton Keynes, MK12 5NW
United Kingdom
As this service may involve data transfers to a third country (UK), we note that the European Commission has confirmed an adequate level of data protection for the United Kingdom via adequacy decision.
For more information, please refer to the provider’s privacy policy: https://www.cookieyes.com/privacy-policy/
We use a Content Delivery Network (CDN) to optimize the performance and availability of our website. Your IP address and the time of your visit are processed by the service provider operating the CDN. All further details can be found in that provider’s own privacy policy.
This processing is based on our legitimate interest in accordance with Art. 6(1)(f) GDPR.
Our interest in using a CDN lies in ensuring our website is as fast, secure, and reliable as possible.
We use the service Google Static on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Using this service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection.
Further information can be found in the provider’s privacy policy at: https://business.safety.google/privacy
We use tools aimed at optimizing the presentation of our website. These tools help, for example, to make the site available in different languages or more accessible.
Data processing takes place only with your consent, which is obtained via our cookie banner. The legal basis for this processing is your consent pursuant to Art. 6(1)(a) GDPR. Without your consent, no data processing takes place in this context. If you withdraw your consent (e.g. via the cookie banner or other available options on this website), we will stop this data processing. The legality of the processing up to the point of withdrawal remains unaffected.
We use the service Ultimate Post List on our website. The provider is Kybernetik Services GmbH, Dömitzer Strasse 38, 12359 Berlin, Germany.
As this service is hosted locally on our web server, no data is transferred to third parties.
Business processes can be executed more efficiently, cost-effectively, and with fewer errors when supported by interface software. Such software enables different applications to be connected—for example, to integrate the website with internal systems or social media channels.
Data processing via such software only occurs with your explicit consent via our cookie banner. The legal basis for this is Art. 6(1)(a) GDPR. Without your consent, no processing takes place. If you withdraw your consent, the processing will be stopped. The legality of processing up to the point of withdrawal remains unaffected.
We use the Google APIs service on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Using this service may involve data transfers to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection.
Further information is available in the provider’s privacy policy: https://business.safety.google/privacy
Software frameworks facilitate interaction with platforms by providing standardized interfaces. They reduce development effort for recurring functions, enhance code reusability, and often include security features to protect the website from misuse. They may also improve functionality, accessibility, performance, and security.
Data processing only occurs with your consent via the cookie banner. The legal basis is Art. 6(1)(a) GDPR. Without your consent, no data processing takes place. If consent is withdrawn, processing will cease. Processing up to the point of withdrawal remains lawful.
We use the PHP.net service on our website. The provider is The PHP Group, 1400 Parkmoor Ave, Ste 100, San Jose, California, 95126, USA.
As this service is hosted locally on our web server, no data is transferred to third parties.
This processing is based on our legitimate interest in ensuring the full functionality of the website, pursuant to Art. 6(1)(f) GDPR.
Our website integrates audio and video content provided by external platforms. To play such content, your device must connect to the respective audio or video platform, which involves transferring personal data such as your IP address, location data, browser, and device information.
This processing occurs only with your consent as given via our cookie banner. The legal basis is Art. 6(1)(a) GDPR. Without your consent, the content will not be loaded. If you withdraw consent, the processing stops. Past processing remains lawful.
We use YouTube services on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Using this service may result in data transfers to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection.
Further information is available in the provider’s privacy policy:
https://business.safety.google/privacy
This website uses web fonts provided by an external provider to ensure consistent font rendering. When accessing the site, your browser connects directly to the provider’s server, which receives your IP address and the information that you accessed our website.
Processing takes place only with your prior consent (via our cookie banner). The legal basis is Art. 6(1)(a) GDPR. Without your consent, fonts will not be loaded from the external provider. If consent is withdrawn, the processing ends. Prior processing remains lawful.
We use the Google Fonts service on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Using this service may involve data transfers to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection.
Further information is available in the provider’s privacy policy: https://business.safety.google/privacy
Our website uses tools that enable or facilitate advertising and the analysis of campaign performance. This involves processing personal data such as IP address, access times, and device information.
This processing takes place only with your prior consent, obtained via our cookie banner. The legal basis is Art. 6(1)(a) GDPR. If you do not consent, the tools will not be used. Withdrawal of consent stops further processing. Processing carried out prior to withdrawal remains lawful.
We use Google Ads on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Using this service may result in data transfers to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection.
More information can be found in the provider’s privacy policy: https://business.safety.google/privacy
We use the Google DoubleClick service on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Using this service may involve a transfer of personal data to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework, which guarantees an adequate level of data protection.
Further information is available in the provider’s privacy policy: https://business.safety.google/privacy
Our website offers the option to contact us via a contact form. To use this form, we require certain contact details from you.
If you give your consent, the legal basis for processing is Art. 6(1)(a) GDPR. You can withdraw your consent at any time.
If your inquiry relates to our products, services, or company, the data processing is carried out for the performance of a contract or pre-contractual measures pursuant to Art. 6(1)(b) GDPR. Additionally, we may have a legitimate interest in maintaining business relations or responding to your inquiry, in which case Art. 6(1)(f) GDPR applies.
Your data will be deleted once your inquiry has been fully processed, provided there are no statutory retention obligations that require further storage.
This data will not be shared with third parties without your consent.
If you contact us in the context of pre-contractual or contractual matters, the legal basis is Art. 6(1)(b) GDPR. For all other inquiries, the legal basis for processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR.
In accordance with legal requirements, we provide a telephone number and email address on our website. Any data you transmit via these channels will be stored by us in order to process your inquiry or contact you.
You have the option to send us a job application (e.g. by post, online application form, or email). The personal data collected during this process is stored and processed for the purpose of managing the application procedure.
The legal basis for processing is Art. 6(1)(b) GDPR and, if consent is given, also Art. 6(1)(a) GDPR. You may withdraw your consent at any time. The legality of processing up to the point of withdrawal remains unaffected.
If the application results in an employment relationship, the data will be stored for the purpose of managing the employment relationship under Art. 6(1)(b) GDPR. If no employment relationship arises, the data will be retained based on Art. 6(1)(f) GDPR for the duration of potential legal claims, particularly in relation to alleged discrimination in the recruitment process. This is necessary for defense against legal claims or accusations.
If you have given your consent, your data may be stored beyond this period on the basis of Art. 6(1)(a) GDPR. Consent can be withdrawn at any time. The legality of the data processing carried out before withdrawal remains unaffected.
If no employment relationship is established, you may be included in our applicant pool. In this case, your application data will be stored to contact you for future relevant job openings.
Storage in the applicant pool takes place only with your consent, in accordance with Art. 6(1)(a) GDPR. You may withdraw your consent at any time, upon which your data will be deleted unless statutory retention periods apply. If no such periods exist, deletion will occur automatically after two years. The legality of processing prior to withdrawal remains unaffected.
Our website includes a contact form for submitting requests for quotes. In order to respond to your request and prepare an offer, we require your contact details and address.
The processing is carried out for the purpose of performing a contract or taking steps prior to entering into a contract, based on Art. 6(1)(b) GDPR. Additionally, there may be a legitimate interest in maintaining business relationships or responding to your request for other reasons. In such cases, the legal basis is Art. 6(1)(f) GDPR.
Your data will be deleted once your inquiry has been fully answered and no further legal retention obligations apply.
